On Thursday, June 21, the popular social media website Twitter.com was knocked out for 40 minutes, the longest outage the website has ever experienced. The hacker group known as UGNazi has taken credit for causing the outage, according to its twitter page. The hacker group claimed "We just #TangoDown'd twitter.com for 40 minutes worldwide! #UGnazi," in a tweet Thursday afternoon. The term TangoDown was started by the group Anonymous when referencing a successful attack on a planned target. The group acts similarly to the hacker group Anonymous in its actions, listing its targets and reasons for attacking these targets. A few examples of these are found on their website: "Google -- for the Lulz, nothing can stop us, 4chan.org -- Eliminate the Pedophiles, Naqdaq.com [sic] -- F* the stock-market." The most common method used by hackers like UGNazi and Anonymous when attacking websites is DDoS, or Distributed Denial of Service attacks, where hackers overload the target's website with fake traffic, causing the servers to crash. Twitter has not confirmed that their servers were knocked out from a hacking attack, claiming that they were knocked out from a "cascaded bug."
DDoS attacks are tough to prevent. Many experts agree that making sure your gateway servers, switches, and firewalls are updated with the most recent versions of their operating systems. This can help protect from attacks that rely on TCP/IP and TCP/IP stack implementation weaknesses. Another more drastic measure to prevent Distributed Denial of Service attacks would be to drastically expand the amount of bandwidth your servers have so they can handle as much traffic as possible.
Global Payments falls on data hack update
Summary by Tim Houmes
Earlier this year, Global Payments, a payment processor, claimed that roughly 1.5 million credit and debit accounts may have been accessed by hackers. At that time, the company did not believe that other personal information required to use the accounts, such as addresses and names, had been accessed. On Tuesday, June 12, the company announced that hackers may have actually accessed the personal data of many of these customers. That data included names, addresses, Social Security numbers, drivers' license numbers and bank account information. The announcement has led to a 19% drop in stock price and the company is estimating that these damages will cost about $30 million. The company will have more information about these costs on July 26.
This breach shows just how important it is for companies to secure their valuable assets such as customer account information. These kinds of breaches can be extremely costly and mostly preventable. The company could take stronger measures to encrypt these data through hashing credit account numbers or other crucial information that these hackers would need commit fraud. Another measure would be to not store data (such as names, addresses, or social security numbers) on servers that are connected to the Internet. Keeping data like that offline is a surefire way to prevent hackers from being able to access it- that is, however, if your company can find a way to function smoothly without having these data connected to the networks.
Summary by Tim Houmes
On Thursday, June 21, the popular social media website Twitter.com was knocked out for 40 minutes, the longest outage the website has ever experienced. The hacker group known as UGNazi has taken credit for causing the outage, according to its twitter page. The hacker group claimed "We just #TangoDown'd twitter.com for 40 minutes worldwide! #UGnazi," in a tweet Thursday afternoon. The term TangoDown was started by the group Anonymous when referencing a successful attack on a planned target. The group acts similarly to the hacker group Anonymous in its actions, listing its targets and reasons for attacking these targets. A few examples of these are found on their website: "Google -- for the Lulz, nothing can stop us, 4chan.org -- Eliminate the Pedophiles, Naqdaq.com [sic] -- F* the stock-market." The most common method used by hackers like UGNazi and Anonymous when attacking websites is DDoS, or Distributed Denial of Service attacks, where hackers overload the target's website with fake traffic, causing the servers to crash. Twitter has not confirmed that their servers were knocked out from a hacking attack, claiming that they were knocked out from a "cascaded bug."
DDoS attacks are tough to prevent. Many experts agree that making sure your gateway servers, switches, and firewalls are updated with the most recent versions of their operating systems. This can help protect from attacks that rely on TCP/IP and TCP/IP stack implementation weaknesses. Another more drastic measure to prevent Distributed Denial of Service attacks would be to drastically expand the amount of bandwidth your servers have so they can handle as much traffic as possible.
Global Payments falls on data hack update
Summary by Tim Houmes
Earlier this year, Global Payments, a payment processor, claimed that roughly 1.5 million credit and debit accounts may have been accessed by hackers. At that time, the company did not believe that other personal information required to use the accounts, such as addresses and names, had been accessed. On Tuesday, June 12, the company announced that hackers may have actually accessed the personal data of many of these customers. That data included names, addresses, Social Security numbers, drivers' license numbers and bank account information. The announcement has led to a 19% drop in stock price and the company is estimating that these damages will cost about $30 million. The company will have more information about these costs on July 26.
This breach shows just how important it is for companies to secure their valuable assets such as customer account information. These kinds of breaches can be extremely costly and mostly preventable. The company could take stronger measures to encrypt these data through hashing credit account numbers or other crucial information that these hackers would need commit fraud. Another measure would be to not store data (such as names, addresses, or social security numbers) on servers that are connected to the Internet. Keeping data like that offline is a surefire way to prevent hackers from being able to access it- that is, however, if your company can find a way to function smoothly without having these data connected to the networks.
50/50